This document is an HTML formatted version of a printed document.
The printed document may contain agency comments, charts, photographs,
appendices, footnotes and page numbers which may not be reproduced in this
electronic version. If you require a printed version of this document
contact the United States Securities and Exchange Commission, Office of
Inspector General, Mail Stop 11-7, 450 Fifth Street N.W., Washington, D.C.
20549 or call (202) 942-4460.
Securities and Exchange Commission
Office of Inspector General
Semiannual Report to Congress - September 1996
During this reporting period (April 1, 1996 to September 30, 1996) the Office of Inspector General (Office) completed eight audits and fourteen investigations. In addition, the Office issued three public investigative reports, making management recommendations arising from investigations.
Program audits of the efficiency and effectiveness of program operations, involving the selection of disclosure filings for review and information technology cost savings were completed. In addition, findings and recommendations were issued based on audits of international telephone service, administrative functions in Enforcement, the staff transportation subsidy program, the staff fitness program, the status of corrective actions of material weaknesses, and a bidder to the Commission's stenographic contract.
Eight matters investigated by the Office were referred to the Commission; four cases were also referred to the Department of Justice (three of which were declined for prosecution). The staff member involved in one of the investigations resigned from the Commission; another retired during the investigation. Six referrals remained pending at the end of the period. Three of the investigations resulted in recommendations to management for changes in management controls or policies.
The Commission plans to test its disaster recovery plans for its Electronic Data Gathering, Analysis and Retrieval (EDGAR) system by the end of the calendar year. Until these contingency backup recovery procedures are fully tested, the possible loss of this critical program function remains a real and significant risk to the Commission's program operations.
Although many improvements in controls over the collection of filing fees were made, the overall control structure remains inadequate. This condition will remain until a new fee system, which is currently in procurement, is implemented. In addition, information resources management continue to be a significant problem. Specifically, systems development contracting, Information Resources Management planning, and ADP security remain problem areas.
The Office issued eight audit reports during the reporting period. Three investigative reports with management recommendations were also issued. A total of forty-eight recommendations were made in these reports, which are further described below. Management generally concurred with the recommendations.
Selection of Filings for Review
Audit 229, August 1, 1996
The Division of Corporation Finance reviews filing documents from public companies for the adequacy of the disclosure. It reviews issuer filings on a selective basis. Filings are selected or screened for the appropriate level of review, based on certain financial and qualitative criteria. Selective review is intended to concentrate staff resources on filings most in need of review. A total of 76,500 filings were submitted in 1995. Of that total, 17,700 (23%) received either a full review, full financial review, or a monitor.
The audit objective was to evaluate controls over the process used to select filings for review and the review override process. We reviewed documentation, regulations, policies, and procedures concerning the filing selection process. An audit test on a judgement sample of filings and related documentation was conducted. We also interviewed Commission staff.
Overall, controls over the screening of filings for review, and management's overrides of initial review determinations, appeared effective. Moreover, during our audit, the Division independently took actions to review and improve controls over its screening process. We made several recommendations to improve the controls, which were implemented during the audit.
Information Technology Cost Savings
Audit 236, May 9, 1996
The Office of Information Technology (OIT) manages the Commission's computer technology. Over the last decade, the Commission planned and executed changes in information resources management which dramatically affected its work methods. The basic automation environment changed from one composed primarily of mainframe computers, stand-alone personal computers, and applications, to an integrated environment of mainframes and networked personal computers.
Our audit objective was to evaluate several possible cost saving measures identified during a prior survey of OIT. During the audit, we interviewed Commission and contractor staff, and analyzed relevant documentation.
We recommended that the Commission consider closing the headquarters mainframe computer facility, to save money, ensure an adequate disaster recovery capability, and comply with Office of Management and Budget guidance. In addition, we made several other recommendations to enhance the efficiency of computer operations.
Management generally concurred with the recommendations and pointed out that work was already underway to realize cost savings.
Stenographic Contract - Preaward
Audit 245, May 9, 1996
In support of the investigations and litigation conducted by the Enforcement Program, the Commission contracts for approximately $1.2 million in stenographic services annually. At the request of management, the Office contracted with M.D. Oppenheim & Company, a public accounting firm, to conduct a pre-award survey of a bidder prior to awarding a new contract.
The survey focused on the financial and operational capabilities of the firm. The auditors met with Commission and company officials, reviewed and discussed company operations and financial records and systems, and observed office operations.
The survey results, required and completed in a short timeframe, were initially presented to Commission contracting officials verbally. A final report was subsequently prepared that summarized the results of the survey including the financial and operational capability of the bidder.
Contract management officials in the Commission expressed satisfaction with the information developed and it became a key part of their deliberations. No audit recommendations were made.
Reported Management Control Weaknesses
Audit 252, September 9, 1996
Under the Federal Managers' Financial Integrity Act, the Commission is required to submit an annual certification of its management controls to the President and the Congress. The basis for the certification letter is specified in OMB Circular A-123.
At the request of the Chairman, we surveyed the progress made to date in addressing the six management control weaknesses reported in the December 29, 1995 management control certification letter. We conducted interviews and gathered documentation, but did not perform detailed audit tests. The completion estimates for corrective actions are those of management, although the information we have is consistent with their assessments.
The review indicated that the corrective actions for the following reported material weaknesses should be completed prior to the start of calendar year 1997:
- Disaster recovery capability for the EDGAR System,
- Collection of transaction fees,
- Recording of disgorgements, and
- Computer access restrictions.
In addition, progress will be made on the remaining two material weaknesses, although they will still be considered material by the end of the year:
- ADP security, and
- Collection of filing fees.
There were no audit recommendations made in the report.
International Telephone Service
Audit 238, August 27, 1996
The Commission uses a Private Automated Branch Exchange (PABX) telephone system for its headquarters. The system provides local and long distance service, and the capability to track outgoing calls.
Offices and divisions can ask for international telephone service to authorized employees, based on their need for the service. Approximately 420 employees had international telephone access (approximately 24% of headquarters employees).
The objective of our audit was to evaluate management controls over access to international telephone service, including procedures to identify potential instances of abuse. The audit reviewed international phone service from July 1995 to January 1996 for headquarters, the Operations Center, and the Annex building. During the audit, we interviewed Commission staff, performed analytical procedures, and reviewed telephone records, access reports, and other supporting documentation.
Although the audit did not identify any instances of abuse, management controls can be improved. We made several recommendations, including strengthening access controls, reviewing international service provided to conference rooms, and issuing guidance for requesting service.
The Office of Administrative and Personnel Management generally concurred with our findings and recommendations. It has already issued a memorandum implementing new procedures for granting and controlling international access.
Transportation Subsidy Program
Audit 237, August 21, 1996
The Commission established a Public Transportation Subsidy Program (PTSP) to encourage employees to use public transportation in order to conserve petroleum, reduce congestion, and improve air quality. Participants receive monthly subsidies (Metrocheks) from the Commission valid for local public transportation used in commuting to and from work. In 1995, the total cost of these subsidies was approximately $473,100 for approximately 1,950 participants.
The audit objectives were to evaluate the adequacy of the management controls for the PTSP, its compliance with applicable laws and regulations, and the effectiveness of the program in achieving its mission. The audit focused on 1995 activities at headquarters and three field offices. We interviewed program officials, performed analytical procedures, surveyed Commission staff, reviewed prior audit reports, compared aspects of the Commission's program with those at other government agencies, and reviewed supporting documentation, among other procedures.
The audit found that the management controls for the PTSP program were generally adequate. However, we recommended several improvements to the controls, as well as enhancements to PTSP's compliance with applicable laws and regulations including: separating program duties; improving the safeguarding of Metrocheks; periodically evaluating whether the program achieves quantifiable program goals and is cost-effective; and ensuring compliance with Commission policies and procedures. We did not identify any instances of fraudulent acts.
The Office of Administrative and Personnel Management, which administers the program, generally concurred with our findings and recommendations.
Enforcement Administrative Functions
Audit 233, May 15, 1996
The Division of Enforcement administers the Commission's primary mission of enforcing federal securities laws and has direct responsibility for all of the Commission's regional and district offices. The Division performs several administrative functions, including maintaining time and attendance and blotter records, authorizing travel expenditures, and helping maintain a property inventory.
The objective of the audit was to determine if Enforcement's administrative controls were functioning properly and in compliance with regulations. It covered controls relating to accounting, time and attendance, travel, property, and training. During the review, we interviewed Enforcement's administrative staff and conducted tests of controls. Procurement was not included in our audit scope.
The Division's administrative controls generally appeared to provide reasonable assurance that assets were safeguarded and operations were efficient and in compliance with policies and procedures. Several recommendations to enhance Enforcement's administrative controls were made including: requiring staff on flextime to sign in sequentially; reconciling blotter records with records of the Comptroller; providing additional training to the support staff; and improving document storage.
The Division and Offices of Administrative and Personnel Management and the Comptroller generally concurred with our recommendations.
Employee Fitness Program
Audit 247, September 30, 1996
Over the last several years, the Commission has effectively implemented a program to improve the health and fitness of its employees. It opened fitness centers in its headquarters and Operations Center; purchased weight training and aerobics equipment for the centers; and hired staff and a contractor (Sinai Fitness, Inc.) to help run the headquarters center, among other steps. A program of aerobics classes was established; physical assessments and advice to members were given; and numerous special programs and events were conducted, including seminars on healthy living and sports.
Our primary objective was to determine if the Commission's fitness program was effective. We also evaluated the extent of compliance with the headquarters Fitness Center contract, and the adequacy of financial reporting under the contract. We interviewed Commission and contractor staff, surveyed Fitness Center members, observed conditions at the headquarters and Operations Center facilities, and reviewed available documentation.
We found that the Commission had effectively implemented a fitness program by opening facilities at headquarters and the Operations Center. We made several recommendations to enhance the program, including: providing additional programs and safety at the Operations Center; publicizing subsidies for regional employees; and verifying the salary levels on which member fees are based.
Management generally concurred with the recommendations.
Investigative Reports on Management Issues
Three investigative reports, making management recommendations, were issued during the period. These reports are public and do not contain allegations, evidence, or names of subjects, but rather focus exclusively on corrective actions needed to strengthen controls. More traditional referral reports to management, Justice, are also issued, as appropriate.
Criteria for Voucher Audit
In the course of an investigation of voucher irregularities, we became aware of a control weakness in the voucher audit function in the Office of the Comptroller. The voucher audit procedures then in place did not include finding and preventing fraud as an objective. For example, a voucher was returned to the traveler due to suspicious claims. Although the traveler resubmitted the voucher in a substantially lesser amount, no inquiry was conducted nor was there heightened review of past or future vouchers from the traveler.
We recommended that the review procedures be revised to include steps to perform a preliminary inquiry of apparent irregularities or to refer them. Management generally concurred with the recommendation.
Internal investigations are conducted by OIG, EEO, and management, as circumstances dictate. Several issues related to use of administrative leave, the location of testimony and interviews, and use of contract court reporters are common to these investigations.
We recommended that a policy be developed for use of administrative leave, and that investigative effectiveness and staff privacy dictate the location of testimony and use of contract court reporters. Management of the various internal investigative units generally concurred with the recommendations.
Commission regulations require that attorneys representing staff in internal matters execute a nondisclosure agreement before staff are allowed to disclose nonpublic information to them. During an investigation, we learned of inconsistencies in policies and procedures related to these agreements.
We recommended that the policies and procedures be made consistent. Management concurred with the recommendation.
Fourteen investigations were closed during the period. Eight matters investigated by the Office were referred to the Commission; four cases were also referred to the Department of Justice (three of which were declined for prosecution). The staff member involved in one investigation resigned from the Commission; another retired. Three of the matters were referred to management with recommendations for changes in management policies (see prior section). The most significant cases are described below.
Travel Voucher Fraud
An investigation developed evidence that a Commission staff member had claimed significantly inflated travel expenses for reimbursement over an extended period of time. The Commission is in the process of taking administrative action.
Forgery and Impersonation
Evidence indicated that a clerical employee, through the use of forged and stolen documents, assumed the identity of a law clerk in order to qualify financially for an apartment. After being notified of our investigation, the employee resigned before administrative action could be taken.
At the close of the period, seven investigations were pending. The investigations included allegations of:
- Conflict of interest,
- Defrauding the government,
- Violation of contract security provisions,
- Unauthorized outside employment, and
- Time and attendance abuse.
No new significant problems were identified, based on work completed during the period.
SIGNIFICANT PROBLEMS IDENTIFIED PREVIOUSLY
Collection of Filing Fees
Our audit of the collection of filing fees confirmed the Commission's previous assessment that the management controls were not in material conformance with accounting standards. Although Commission management has made significant progress in correcting the most serious weaknesses, some corrective actions must await the implementation of a new computerized collection system. Until these corrective actions are implemented, the overall control structure will continue to fail to provide adequate assurance that accountability over filing fees is adequate.
Information Resources Management
The audit and investigative work in the prior reporting period identified significant weaknesses in the Commission's implementation of information technology. These weaknesses related to contracting for systems development, information resources planning, and ADP security.
The Commission hired new management for the Office of Information Technology. That Office has taken numerous, positive steps to address these and other problems, and further steps are planned. For example, a senior ADP committee is being established, and ADP guidance will be issued in phases. We will continue to monitor the Commission's actions to address these weaknesses.
EDGAR Disaster Recovery
Although we remain very concerned that the Commission does not have adequate, tested disaster recovery plans for its Electronic Data Gathering, Analysis and Retrieval system, Commission management expects to remedy the situation by the end of calendar 1996. Until these contingency backup recovery procedures are fully tested, the possible loss of this critical program function remains a real and significant risk to the Commission's program operations.
ACCESS TO INFORMATION
The Office of Inspector General has received access to all information required to carry out its activities. No reports to the Chairman, concerning refusal of such information, were made during the period.
Executive Council on Integrity and Efficiency
The Office actively participates in the activities of the Executive Council on Integrity and Efficiency (ECIE). The Inspector General attends all ECIE meetings and is an active member of its Financial Institutions Regulatory committee.
The Counsel to the Inspector General is a member of the President's Council on Integrity and Efficiency, Council of Counsels. The Council considers legal issues relevant to the Inspector General community.
Partial Realignment of the Office
In order to enhance the efficiency and effectiveness of audit services provided by the Office, some staff reassignments were made. The changes were in response to the Commission's plans to move most support functions and staff to its Operations Center in Alexandria, Virginia.
Previously, auditors were assigned one program and one or more support functions as their primary areas of responsibility. All support functions have been transferred to a single auditor and that auditor has been relocated to the Operations Center. The auditor's program assignment was transferred to another auditor. These moves will minimize travel between buildings and allow more concentrated attention on critical support functions.
October 31, 1996
The Honorable Arthur Levitt, Jr.
Securities and Exchange Commission
Washington, D.C. 20549
Dear Chairman Levitt:
The attached Semiannual Report to Congress summarizes the activities of the Office of Inspector General for the six months ending September 30, 1996. It contains descriptions and accounts of the audit reports we issued during the period and summarizes the activities of our investigative and other review functions.
In accordance with the Inspector General Act of 1978, as amended, this report should be forwarded to Congress, with your comments and a separate management report, by November 30, 1996.
Your continued support and cooperation, as well as that of the Commission and its staff, are greatly appreciated.